<?php
/**
 * @version      BOSSCMS-Free
 * @trademark    BOSSCMS
 * @copyright    Copyright © by BOSSCMS-Free (https://www.bosscms.net/) 保留所有权利
 * @license      https://gitee.com/Greenpeas/BOSSCMS/license/ 和 https://www.bosscms.net/freelicense/
 * @link         https://www.bosscms.net/
 * @author       温州软界网络技术有限公司
**/
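/*
 * Installer bootstrap: response headers, error level, the "already installed"
 * gate, and selection of the wizard page to render.
 */
date_default_timezone_set('Asia/Shanghai');
header('Content-Type:text/html; charset=utf-8');
header('X-UA-Compatible:IE=edge,chrome=1');
// Only parse/core/compile/user errors are reported; warnings and notices from
// the code below (failed includes, undefined indexes) are not.
error_reporting(E_PARSE|E_CORE_ERROR|E_COMPILE_ERROR|E_USER_ERROR);
@set_time_limit(0);
// install.lock is the only thing that stops this script from running again, and
// a re-run drops and recreates every prefixed table. Nothing in this file writes
// the lock. NOTE(review): presumably the success page creates it; confirm, and
// remove or block the install directory once setup is done.
if(is_file('../system/install.lock')) die('系统已经安装！如需重新安装请删除/system/目录下的install.lock文件');
$version = 'V1.0';
// $page becomes part of an include path further down, so it is accepted only when
// it is a plain string of word characters. is_string() rejects page[]=... (which
// preg_match() cannot handle), and \z, unlike $, does not allow a trailing newline.
$page = 'license';
if(isset($_GET['page']) && is_string($_GET['page']) && preg_match('/^\w+\z/',$_GET['page'])){
	$page = $_GET['page'];
}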
if(!(isset($_POST) && $_POST)){
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width,initial-scale=1.0,maximum-scale=1.0,user-scalable=0,minimal-ui">
<title>BOSSCMS-Free建站系统</title>
<link href="../system/web/common/font/font-awesome.css" rel="stylesheet" />
<link href="../system/admin/common/css/bosscms.css?<?php echo mt_rand(); ?>" rel="stylesheet" />
<link href="css/install.css?<?php echo mt_rand(); ?>" rel="stylesheet" />
<script src="../system/extend/ueditor/third-party/jquery-1.10.2.min.js?<?php echo mt_rand(); ?>" ></script>
<script src="js/install.js?<?php echo mt_rand(); ?>" ></script>
<link href="../favicon.ico" rel="shortcut icon" type="image/x-icon" />
</head>
<body>
<section class="logo"><a href="https://www.bosscms.net/" target="_blank"><img src="../system/admin/common/img/logo.png" /></a></section>
<main class="install">
  <header class="head">
	<strong>BOSSCMS-Free</strong>
	<b>程序安装</b>
	<span><?php echo $version; ?></span>
	<p>当前安装版本：</p>
  </header>
<?php
/* $page is the only dynamic part of this include path. It is taken from the query
   string and accepted only when it matches the \w+ pattern at the top of this file
   (no dots or slashes), which is what keeps the include inside html/. Keep that
   check in place if this line is ever changed. */
include('html/'.$page.'.html'); ?>
</main>
</body>
</html>
<?php
}else{
	require '../system/basic/func/global.func.php';
	if($page == 'form'){
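        /*
         * Normalise and validate the submitted form.
         * - Both CR and LF are stripped. PHP_EOL alone leaves a lone "\n" on Windows
         *   and a lone "\r" elsewhere, and these values are later written line by
         *   line into a generated PHP/INI file.
         * - Non-string fields (field[]=...) are replaced by an empty string so the
         *   pattern checks below reject them instead of failing on an array.
         * NOTE(review): the checks rely on alert() ending the request; alert() is
         * defined in global.func.php, not visible here. Confirm it does.
         */
        $post = array();
        foreach ($_POST as $k => $v) {
            $post[$k] = is_string($v) ? str_replace(array("\r", "\n"), '', $v) : '';
        }
		// Every field read below exists, even when the client left it out.
		$post += array(
			'host' => '', 'port' => '', 'user' => '', 'password' => '', 'database' => '',
			'prefix' => '', 'username' => '', 'password1' => '', 'passwords' => '',
		);
		if(!preg_match('/^\d+$/',$post['port'])){
			alert('端口必须为数字');
		}
		// The prefix is interpolated into table names in every query that follows,
		// so it must stay restricted to word characters.
		if(!preg_match('/^\w+$/',$post['prefix'])){
			alert('数据表前缀必须为英文、数字、下划线的组合！');
		}
		if(!$post['username']){
			alert('管理员账户不能为空！');
		}
		// Two empty password fields compare equal, so an empty administrator
		// password has to be rejected explicitly.
		if($post['password1'] === ''){
			alert('管理员密码不能为空！');
		}
		if($post['password1'] !== $post['passwords']){
			alert('密码输入不一致，请重新输入！');
		}
		// Connection failures are handled through return values, not exceptions.
		mysqli_report(MYSQLI_REPORT_OFF);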
		if($link = @mysqli_connect($post['host'].':'.$post['port'], $post['user'], $post['password'])){
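			// Select the target database, creating it first when it does not exist.
			mysqli_set_charset($link, 'UTF8');
			if(!mysqli_select_db($link, $post['database'])){
				// The database name is form input and is not pattern-checked above. Quote
				// it as an identifier (backticks doubled) so it cannot add SQL to the
				// CREATE DATABASE statement. Names that worked unquoted still work.
				$dbIdentifier = '`'.str_replace('`','``',$post['database']).'`';
				mysqli_query($link,'CREATE DATABASE '.$dbIdentifier);
				if(!mysqli_select_db($link, $post['database'])){
					alert('创建数据库失败');
				}
			}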
			// Build the schema from the bundled JSON definition (table => column => SQL type).
			$file = '../system/basic/json/database.json';
			if(!is_file($file)){
				alert('没有可导入数据库文件');
			}
			// The JSON file may carry /* ... */ comments; strip them before decoding.
			$schemaJson = preg_replace("/\/\*[\s\S]+?\*\//",'',file_get_contents($file));
			$database = json_decode($schemaJson,true);
			foreach($database as $table=>$arr){
				// Destructive: any existing table with this prefix and name is dropped, so
				// running the installer against a live database wipes its data.
				$tableName = $post['prefix'].$table;
				mysqli_query($link, "DROP TABLE IF EXISTS `{$tableName}`;");
				$columnSql = '';
				foreach($arr as $column=>$attr){
					$columnSql .= "`{$column}` {$attr},";
				}
				$sql = "CREATE TABLE IF NOT EXISTS `{$tableName}` (".$columnSql."PRIMARY KEY (`id`) ) ENGINE=InnoDB  DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;";
				$created = mysqli_query($link, $sql);
				if(!$created){
					// Second attempt without the explicit engine clause.
					$created = mysqli_query($link, str_replace(' ENGINE=InnoDB ','',$sql));
				}
				if(!$created){
					alert('创建数据表失败');
				}
			}
			/*
			 * Seed rows: one mandatory language, the version number, then the back-end
			 * (lang 0) and front-end (lang 1) config defaults from the bundled JSON files.
			 * name/parent/type are interpolated as-is and only value goes through
			 * addslashes(). NOTE(review): that is acceptable only while both JSON files
			 * are trusted package content; confirm nothing else can write them.
			 */
			$configInsert = "INSERT INTO `{$post['prefix']}config` (`id`, `name`, `value`, `parent`, `type`, `lang`) VALUE (null, ";
			/* A language row is required */
			$languageSql = "INSERT INTO `{$post['prefix']}language` (`id`, `name`, `sign`, `image`, `description`, `defaults`, `display`, `target`, `sort`) VALUE ('1', '中文', 'zh', '..//upload/photo/image/zh-cn.png', '', '1', '1', '0', '0') ;";
			mysqli_query($link, $languageSql);
			/* Record the version number */
			mysqli_query($link, $configInsert."'version', '{$version}', '0', '1', '0') ;");
			/* Required back-end config parameters */
			$configJson = file_get_contents('../system/basic/json/config.json');
			$config = json_decode(preg_replace("/\/\*[\s\S]+?\*\//",'',$configJson),true);
			foreach($config as $v){
				$escapedValue = addslashes($v['value']);
				mysqli_query($link, $configInsert."'{$v['name']}', '".$escapedValue."', '{$v['parent']}', '{$v['type']}', '0') ;");
			}
			/* Required front-end config parameters */
			$mustJson = file_get_contents('../system/basic/json/must.json');
			$must = json_decode(preg_replace("/\/\*[\s\S]+?\*\//",'',$mustJson),true);
			foreach($must as $v){
				$escapedValue = addslashes($v['value']);
				mysqli_query($link, $configInsert."'{$v['name']}', '".$escapedValue."', '{$v['parent']}', '{$v['type']}', '1') ;");
			}
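			/*
			 * Write the connection settings to mysql.ini.php, a PHP file that returns
			 * INI text.
			 * The generated file uses a nowdoc (<<<'INI') rather than a heredoc. A heredoc
			 * body is parsed for variables and escape sequences when the file is loaded,
			 * so form input stored in one would be interpreted as PHP string syntax
			 * instead of being kept as literal text.
			 * CR and LF are removed again here so that no value can start a new line in
			 * the generated file.
			 * NOTE(review): a double quote in a value still ends the quoted INI value
			 * early. Escape or reject it according to how the reader parses this text
			 * (the reader is not visible here).
			 */
			$iniValues = array();
			foreach(array('host','port','user','password','database','prefix') as $iniKey){
				$iniValues[$iniKey] = (isset($post[$iniKey]) && is_string($post[$iniKey]))
					? str_replace(array("\r","\n"),'',$post[$iniKey])
					: '';
			}
			file_put_contents('../system/basic/ini/mysql.ini.php',
				'<?php'.PHP_EOL.'/**'.PHP_EOL.' * MYSQL数据库连接设置'.PHP_EOL.' */'.PHP_EOL
				.'return <<<\'INI\''.PHP_EOL.PHP_EOL
				.'host      = "'.$iniValues['host'].'" ; /* 数据库地址 */'.PHP_EOL
				.'port      = "'.$iniValues['port'].'" ; /* 数据库端口 */'.PHP_EOL
				.'user      = "'.$iniValues['user'].'" ; /* 数据库用户 */'.PHP_EOL
				.'password  = "'.$iniValues['password'].'" ; /* 数据库密码 */'.PHP_EOL
				.'database  = "'.$iniValues['database'].'" ; /* 数据库名称 */'.PHP_EOL
				.'prefix    = "'.$iniValues['prefix'].'" ; /* 数据表前缀 */'.PHP_EOL.PHP_EOL
				.'INI;'.PHP_EOL.'?>');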
			
			// ROOT_PATH: the document root when it actually contains this CMS (checked
			// via into.class.php), otherwise this script's directory with its last
			// seven characters removed (presumably the "install" directory name).
			$documentRoot = $_SERVER['DOCUMENT_ROOT'];
			if($documentRoot && is_file($documentRoot.'/system/basic/class/into.class.php')){
				define('ROOT_PATH', str_replace('/',DIRECTORY_SEPARATOR,$documentRoot.'/'));
			}else{
				define('ROOT_PATH', substr(dirname(__FILE__),0,-7));
			}
			// Placeholder used by replace() to protect "://" while slashes are collapsed.
			define('P', 'BOSSCMS@DEL0T_T');
			/**
			 * Normalise slashes in a path or URL.
			 *
			 * Backslashes become forward slashes and runs of slashes are reduced by one
			 * pass of "///" -> "/" followed by one pass of "//" -> "/". A "://" scheme
			 * separator is swapped for a placeholder built from the constant P during
			 * the pass and restored afterwards.
			 *
			 * @param string $path path or URL to normalise
			 * @return string the normalised string
			 */
			function replace($path){
				$marker = ':'.P;
				$shielded = str_replace('://', $marker, $path);
				// Array form applies the three replacements in order, each to the result of the previous one.
				$collapsed = str_replace(array('\\','///','//'), '/', $shielded);
				return str_replace($marker, '://', $collapsed);
			}
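			/*
			 * Work out the site's base URL ($domain). It is later stored in the config
			 * table and sent to the vendor API.
			 * X-Client-Scheme and Host are request headers and therefore chosen by the
			 * client. The scheme is limited to http/https before use.
			 * NOTE(review): HTTP_HOST is used as received. It normally already carries a
			 * non-default port, so appending SERVER_PORT may double it. Confirm how the
			 * rest of the system computes this value before changing that.
			 */
			$root  = replace(ROOT_PATH.'/');
			$aisle = isset($_SERVER['DOCUMENT_ROOT'])?str_ireplace(replace($_SERVER['DOCUMENT_ROOT'].'/'),'/',$root):'';
			$host  = (isset($_SERVER['HTTP_HOST'])?$_SERVER['HTTP_HOST']:$_SERVER['SERVER_NAME']).((isset($_SERVER['SERVER_PORT'])&&$_SERVER['SERVER_PORT']!=80&&$_SERVER['SERVER_PORT']!=443)?':'.$_SERVER['SERVER_PORT']:'');
			$scheme = isset($_SERVER['HTTP_X_CLIENT_SCHEME'])?$_SERVER['HTTP_X_CLIENT_SCHEME']:(isset($_SERVER['REQUEST_SCHEME'])?$_SERVER['REQUEST_SCHEME']:'http');
			$scheme = strtolower((string)$scheme);
			if($scheme !== 'http' && $scheme !== 'https'){
				// Anything other than the two web schemes falls back to the default.
				$scheme = 'http';
			}
			$http  = $scheme.'://';
			$domain  = $http.replace($host.$aisle);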
				
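			// Record the MySQL server version; $ver stays unset when the query fails.
			$result = mysqli_query($link, "SELECT VERSION() AS ver");
			if($result && mysqli_num_rows($result)>0){
				$rows = mysqli_fetch_array($result, MYSQLI_ASSOC);
				$ver = $rows['ver'];
				mysqli_free_result($result);
			}
			// Look for an existing manager with the submitted name. The name is form
			// input, so it is escaped before being placed inside the quoted SQL literal.
			$result = mysqli_query($link, "SELECT id FROM {$post['prefix']}manager WHERE username='".mysqli_real_escape_string($link, $post['username'])."'");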
			if($result && mysqli_num_rows($result)>0){
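				// Existing account: reset its password. Both values are form input and are
				// escaped before being embedded in the statement.
				// NOTE(review): passwords are stored as unsalted MD5. Moving to
				// password_hash()/password_verify() needs a matching change in the login
				// code, which is not part of this file.
				// NOTE(review): this branch ends without the redirect to the success page
				// that the other branch performs.
				mysqli_query($link, "UPDATE {$post['prefix']}manager SET password=MD5('".mysqli_real_escape_string($link, $post['password1'])."') WHERE username='".mysqli_real_escape_string($link, $post['username'])."'");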
			}else{
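				/*
				 * Create the administrator account and store the site domain.
				 * Every value that comes from the request (username, password, client IP,
				 * and the Host-derived $domain) is escaped before it is embedded in SQL.
				 * NOTE(review): the password is stored as unsalted MD5. Replacing it with
				 * password_hash() requires the login code to change too.
				 */
				$time = time();
				$IP = getIP();
				$sqlUsername = mysqli_real_escape_string($link, $post['username']);
				$sqlPassword = mysqli_real_escape_string($link, $post['password1']);
				$sqlIP       = mysqli_real_escape_string($link, (string)$IP);
				$sqlDomain   = mysqli_real_escape_string($link, $domain);
				// Only one top-level manager is kept: existing level-1 rows are removed first.
				mysqli_query($link, "DELETE FROM {$post['prefix']}manager WHERE level='1'");
				mysqli_query($link, "INSERT INTO {$post['prefix']}manager (`username`, `password`, `level`, `department`, `ip`, `frequency`, `permit`, `allow`, `ctime`, `ltime`, `image`, `alias`, `email`, `phone`, `open`) VALUE ('{$sqlUsername}', MD5('{$sqlPassword}'), '1', '', '{$sqlIP}', '0', '', '', '{$time}', '{$time}', '', '', '', '', '1')");
				// NOTE(review): $db is not read anywhere else in this file.
				$db = json_decode(preg_replace("/\/\*[\s\S]+?\*\//",'',file_get_contents('../system/basic/json/database.json')),true);
				mysqli_query($link, "UPDATE {$post['prefix']}config SET value='{$sqlDomain}' WHERE name='domain' AND type='0'");
				// Optional demo data shipped with the installer.
				$file = 'sql/data.sql';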
				if(isset($post['import']) && $post['import'] && is_file($file) && $text=file_get_contents($file)){
					// The demo dump is written for the default prefix; retarget its
					// DROP/CREATE ("... EXISTS `") and INSERT statements to the chosen one.
					if($post['prefix'] != 'bosscms_'){
						$text = str_replace(
							array(' EXISTS `bosscms_', 'INSERT INTO `bosscms_'),
							array(' EXISTS `'.$post['prefix'], 'INSERT INTO `'.$post['prefix']),
							$text
						);
					}
					/**
					 * Find where the next DROP / CREATE / INSERT statement for a prefixed
					 * table begins.
					 *
					 * @param string $text   SQL dump text to search
					 * @param string $prefix table prefix expected after the opening backtick
					 * @return int|false byte offset of the earliest match, or false if none
					 */
					function dci($text, $prefix){
						$leads = array(
							'DROP TABLE IF EXISTS `',
							'CREATE TABLE IF NOT EXISTS `',
							'INSERT INTO `',
						);
						$offsets = array();
						foreach($leads as $lead){
							$at = strpos($text, $lead.$prefix);
							if($at !== false){
								$offsets[] = $at;
							}
						}
						return $offsets ? min($offsets) : false;
					}
					/*
					 * Run the demo dump one statement at a time. Statement boundaries are
					 * found by text search only (dci() looks for DROP/CREATE/INSERT followed
					 * by the prefix), not by parsing SQL.
					 * NOTE(review): row data that itself contains one of those markers would
					 * be split mid-statement. Query results are not checked, so a failed
					 * statement is skipped silently.
					 */
					while($text){
						// Skip anything before the first recognised statement. When dci()
						// returns false the offset is treated as 0 and the text is kept whole.
						$text = substr($text, dci($text, $post['prefix']));
						// Search from the second byte so the statement at offset 0 is not
						// found again; $s2 is therefore relative to substr($text,1).
						$s2 = dci(substr($text,1), $post['prefix']);
						if(is_numeric($s2)){
							// Another statement follows: execute the text up to it. The next
							// pass re-aligns $text on that statement's first byte.
							mysqli_query($link, substr($text, 0, $s2));
							$text = substr($text,$s2);
						}else{
							// Last statement: execute the remainder and end the loop.
							mysqli_query($link, $text);
							$text = false;
						}
					}

					// Demo-site defaults written over the imported config rows (type 0),
					// applied in the listed order. The values are fixed literals containing
					// no single quotes, so they are embedded without escaping.
					$demoConfig = array(
						'logo' => '..//upload/photo/202112/080901482.png',
						'logo_mobile' => '..//upload/photo/202112/080901482.png',
						'image' => '..//upload/photo/202112/011123136.jpg',
						'icon' => '..//upload/photo/image/favicon.ico',
						'title' => 'BOSSCMS-Free建站系统',
						'home_title' => '某某演示站',
						'keywords' => '["cms系统","建站系统","建站cms","自助建站","快速建站","云建站","建站模板","saas建站"]',
						'description' => 'BOSSCMS-Free是一款遵循Apache2.0协议发布的建站系统，100%开源商业使用。',
						'miit_beian' => '<a href="https://beian.miit.gov.cn/" title="网站备案号" rel="nofollow" target="_blank">浙ICP备000000000号</a>',
						'beian' => '<a href="http://www.beian.gov.cn/portal/registerSystemInfo?recordcode=" title="联网备案号" rel="nofollow" target="_blank"><img src="../upload/photo/image/beian.png" alt="联网备案号" />浙公网安备 00000000000000号</a>',
						'foot' => '<p>BOSSCMS-Free是一款基于自主研发PHP框架+MySQL架构的内容管理系统，系统开源、安全、稳定、简洁、易开发、专注为中小型企业及政企单位、个人站长、广大开发者、建站公司提供一套简单好用的网站内容管理系统解决方案。严禁使用BOSSCMS-Free建站系统从事任何的非法活动。</p>',
					);
					foreach($demoConfig as $demoName => $demoValue){
						mysqli_query($link, "UPDATE {$post['prefix']}config SET value='{$demoValue}' WHERE name='{$demoName}' AND type='0'");
					}
					
					// Give every imported column folder (items.type != 9) a stub index.php
					// that loads the main entry script. Folder names come from the database
					// and are used as directory names, so only plain word-character names
					// are accepted; existing index.php files are left untouched.
					$content = addNotes("require '../index.php';");
					$result = mysqli_query($link, "SELECT folder FROM {$post['prefix']}items WHERE type!='9'");
					if($result && mysqli_num_rows($result)>0){
						while($row = mysqli_fetch_array($result, MYSQLI_ASSOC)){
							if(!preg_match('/^\w+$/',$row['folder'])){
								continue;
							}
							$dir = '../'.$row['folder'].'/';
							if(!is_dir($dir)){
								mkdir($dir);
							}
							$file = $dir.'index.php';
							if(is_file($file)){
								continue;
							}
							touch($file);
							file_put_contents($file, $content);
						}
						mysqli_free_result($result);
					}
				}
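				/*
				 * Report the installation to the vendor API, then redirect to the success
				 * page. The request discloses the site URL and the PHP and MySQL versions
				 * to api.bosscms.net; its response is not used.
				 * Certificate and host-name verification are left on so this data is only
				 * sent to the genuine endpoint. If verification fails, the call fails and
				 * the installation still completes.
				 */
				$info = array(
					'host' => $domain,
					'php' => PHP_VERSION,
					'mysql' => isset($ver)?$ver:''
				);
				// Without the curl extension the notification is skipped instead of
				// aborting the install with an undefined-function error.
				if(function_exists('curl_init')){
					$ch = curl_init();
					curl_setopt($ch, CURLOPT_URL, 'https://api.bosscms.net/rest/safeguard/?auth=free');
					curl_setopt($ch, CURLOPT_HEADER, false);
					curl_setopt($ch, CURLOPT_NOBODY, true);
					curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
					curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
					curl_setopt($ch, CURLOPT_TIMEOUT, 30);
					curl_setopt($ch, CURLOPT_POST, 1);
					curl_setopt($ch, CURLOPT_POSTFIELDS, $info);
					$res = curl_exec($ch);
					curl_close($ch);
				}

				header('Location:./?page=success');
				die();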
			}
		}else{
			// Connection failed: show the driver's message (converted from GBK), or a
			// short "wrong password" text when the server reports a rejected password.
			// NOTE(review): other driver messages reach the browser unchanged and may
			// reveal the database host or account name.
			$error = iconv('gbk','utf-8',mysqli_connect_error());
			$error = (strpos($error,'using password: YES') !== false) ? '数据库密码错误' : $error;
			alert($error);
		}
	}
}
?>